Multiple vulnerabilities were identified in Skype, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service.

The first issue is due to buffer overflow errors when processing a specially crafted "callto://" or "skype://" URL, which could be exploited by attackers to execute arbitrary commands.

The second vulnerability is due to an error when importing non-standard VCARD files, which could be exploited by attackers to compromise a vulnerable system by convincing a user to import a malicious VCARD.

The third flaw is due to an unspecified error in a specific networking routine, which could be exploited by attackers to execute arbitrary commands or cause a denial of service.